lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Dec 2021 17:59:56 +0200
From:   Amir Goldstein <amir73il@...il.com>
To:     Vivek Goyal <vgoyal@...hat.com>
Cc:     Chengguang Xu <cgxu519@...ernel.net>, Jan Kara <jack@...e.cz>,
        Miklos Szeredi <miklos@...redi.hu>,
        linux-fsdevel <linux-fsdevel@...r.kernel.org>,
        overlayfs <linux-unionfs@...r.kernel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        ronyjin <ronyjin@...cent.com>,
        charliecgxu <charliecgxu@...cent.com>
Subject: Re: ovl_flush() behavior

On Thu, Dec 2, 2021 at 5:20 PM Vivek Goyal <vgoyal@...hat.com> wrote:
>
> On Thu, Dec 02, 2021 at 10:11:39AM +0800, Chengguang Xu wrote:
> >
> >  ---- 在 星期四, 2021-12-02 07:23:17 Amir Goldstein <amir73il@...il.com> 撰写 ----
> >  > > >
> >  > > > To be honest I even don't fully understand what's the ->flush() logic in overlayfs.
> >  > > > Why should we open new underlying file when calling ->flush()?
> >  > > > Is it still correct in the case of opening lower layer first then copy-uped case?
> >  > > >
> >  > >
> >  > > The semantics of flush() are far from being uniform across filesystems.
> >  > > most local filesystems do nothing on close.
> >  > > most network fs only flush dirty data when a writer closes a file
> >  > > but not when a reader closes a file.
> >  > > It is hard to imagine that applications rely on flush-on-close of
> >  > > rdonly fd behavior and I agree that flushing only if original fd was upper
> >  > > makes more sense, so I am not sure if it is really essential for
> >  > > overlayfs to open an upper rdonly fd just to do whatever the upper fs
> >  > > would have done on close of rdonly fd, but maybe there is no good
> >  > > reason to change this behavior either.
> >  > >
> >  >
> >  > On second thought, I think there may be a good reason to change
> >  > ovl_flush() otherwise I wouldn't have submitted commit
> >  > a390ccb316be ("fuse: add FOPEN_NOFLUSH") - I did observe
> >  > applications that frequently open short lived rdonly fds and suffered
> >  > undesired latencies on close().
> >  >
> >  > As for "changing existing behavior", I think that most fs used as
> >  > upper do not implement flush at all.
> >  > Using fuse/virtiofs as overlayfs upper is quite new, so maybe that
> >  > is not a problem and maybe the new behavior would be preferred
> >  > for those users?
> >  >
> >
> > So is that mean simply redirect the ->flush request to original underlying realfile?
>
> If the file has been copied up since open(), then flush should go on upper
> file, right?
>
> I think Amir is talking about that can we optimize flush in overlay and
> not call ->flush at all if file was opened read-only, IIUC.
>

Maybe that's what I wrote, but what I meant was if file was open as
lower read-only and later copied up, not sure we should bother with
ovl_open_realfile() for flushing upper.

> In case of fuse he left it to server. If that's the case, then in case
> of overlayfs, it should be left to underlyng filesystem as well?
> Otherwise, it might happen underlying filesystem (like virtiofs) might
> be expecting ->flush() and overlayfs decided not to call it because
> file was read only.
>

Certainly, if upper wants flush on rdonly file we must call flush on
close of rdonly file *that was opened on upper*.

But if we opened rdonly file on lower, even if lower is virtiofs, does
virtiosfd needs this flush? that same file on the server was not supposed
to be written by anyone.
If virtiofsd really needs this flush then it is a problem already today,
because if lower file was copied up since open rdonly, virtiofsd
is not going to get the flushes for the lower file (only the release).

However, I now realize that if we opened file rdonly on lower,
we may have later opened a short lived realfile on upper for read post
copy up and we never issued a flush for this short live rdonly upper fd.
So actually, unless we store a flag or something that says that
we never opened upper realfile, we should keep current behavior.

> So I will lean towards continue to call ->flush in overlay and try to
> optimize virtiofsd to set FOPEN_NOFLUSH when not required.
>

Makes sense.
Calling flush() on fs that does nothing with it doesn't hurt.

Thanks,
Amir.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ